from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import  APIException
from serializer.models import UserToken

# 第一步：定义认证类
class UserAuth(BaseAuthentication):

    # 第三步：所有的认证逻辑都在authenticate
    def authenticate(self,request):
        user_token = request.query_params.get("token")  # query_params == GET
        try:
            token = UserToken.objects.get(token=user_token)
            # 后面权限会用到
            # 返回验证后的user和token
            return token.user, token.token
        except Exception:
            raise APIException("没有认证")